Why You Shouldn’t Open Compressed Files with a Password on Them

In this blog, we explain the risks of compressed files with a password on them for your infrastructure and the meaning of checksum error winrar.

Why Compress Files?

If you’ve been in cyberspace for a while, you’ve surely heard of zip files. Who didn’t? The ability to “zip files up” is appealing to many since compression – or zipping – can be used to create archives of files, documents, images, or projects by reducing their overall size and saving precious storage space as a result. The checksum error winrar is used to check whether the internals of the compressed file are corrupted, but there’s more to it than that.

Don’t Open Compressed Files with Passwords on Them

Compressing files is a reliable mechanism to reduce the size of files before sharing them and it works together with the checksum error winrar. That way, one can bypass size restrictions posed by uploading services, ensure that the compressed files aren’t corrupted, and upload files more quickly too. However, there are certain things you should know about compression and passwords are one of them.

If you ever get sent a compressed file that’s protected by a password, it isn’t a red flag per se – open and check it if the sender is someone who you trust. However, if the password-protected compressed file is uploaded to a cloud service like Google Drive, OneDrive, or something similar and the sender asks you to unzip the file to obtain some information – especially if the sender is someone you barely know (this often happens to influencers when brands contact them in regards to sponsorship) – the file is most likely a virus.

The reason someone would add a password to a compressed file is that Google and/or Microsoft wouldn’t be able to scan the contents of the zip file for viruses. As such, OneDrive/Google Drive would only provide you with a message like “Hmm… looks like this file does not have a preview we can show you” or “Google Drive can’t scan this file for viruses.” That happens because the compressed file is protected with a password that prevents Google from working on it – regardless if the file induces a checksum error winrar or not, it’s probably malicious. Bonus points if the file has a sketchy extension associated with it!

Sketchy extensions on a file are a reason not to open them in the first place, and if you see an error like so or the file is zipped (or if the extension is shown after unzipping the file), run. Run far and hide. And perhaps delete the email you’ve received this file with too J

Always be wary of the extensions of the files you open, and avoid downloading files that are compressed. If you must do so, do it on a sandbox or a virtual machine.

Summary

Even though you might know a bunch of things that help you avoid falling victim to cybercrime such as checking the domain names, verifying the email accounts the email is sent from, and find yourself using strong passwords, there’s always a probability of an attack, and the attack can take the most basic forms possible – perhaps even contain a Trojan horse in a zipped file that cannot be scanned by cloud services. Give a spin to the BreachDirectory data breach search engine to stay safe, follow security recommendations outlined by agencies, institutions, or your employer, and until next time.

FAQ

Why Shouldn’t I Open Compressed Files with a Password?

Reconsider opening compressed (zip/rar) files with a password on top of them because a password prevents Google Drive, OneDrive, and other cloud services from scanning the file for viruses.

What is a Checksum Error Winrar?

This error occurs when winrar is used and the archive used to compress files has corrupted files inside of itself.

Why Should I Use BreachDirectory.com?

The data breach search engine provided by BreachDirectory.com will allow you to evaluate whether your account is at risk of identity theft and take appropriate actions if your identity is at risk of being stolen.